Adept_flex—Supporting Dynamic Changes of Workflows Without Losing Control
Journal of Intelligent Information Systems - Special issue on workflow management systems
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
An access control model for data archives
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
A Component-Based Architecture for Secure Data Publication
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Criticality Aware Access Control Model for Pervasive Applications
PERCOM '06 Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computing and Communications
Redirection policies for mission-based information sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
Managing exceptions in the medical workflow systems
Proceedings of the 28th international conference on Software engineering
A Study of Access Control Requirements for Healthcare Systems Based on Audit Trails from Access Logs
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A privacy-aware access control system
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Towards improved privacy policy coverage in healthcare using policy refinement
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
An auto-delegation mechanism for access control systems
STM'10 Proceedings of the 6th international conference on Security and trust management
An analytical solution for consent management in patient privacy preservation
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Quantitative access control with partially-observable Markov decision processes
Proceedings of the second ACM conference on Data and Application Security and Privacy
Risk-Based auto-delegation for probabilistic availability
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
A quantitative approach for inexact enforcement of security policies
ISC'12 Proceedings of the 15th international conference on Information Security
A white-box policy analysis and its efficient implementation
Proceedings of the 18th ACM symposium on Access control models and technologies
CAAC -- An Adaptive and Proactive Access Control Approach for Emergencies in Smart Infrastructures
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
Hi-index | 0.00 |
One truth holds for the healthcare industry - nothing should interfere with the delivery of care. Given this fact, the access control mechanisms used in healthcare to regulate and restrict the disclosure of data are often bypassed. This "break the glass"phenomenon is an established pattern in healthcare organizations and, though quite useful and mandatory in emergency situations, it represents a serious system weakness.In this paper, we propose an access control solution aimed at a better management of exceptions that occur in healthcare. Our solution is based on the definition of different policy spaces regulating access to patient data and used to balance the rigorous nature of traditional access control systems with the prioritization of care delivery.